Total
8096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15946 | 3 Debian, Fedoraproject, Opensc Project | 3 Debian Linux, Fedora, Opensc | 2021-11-30 | 4.4 MEDIUM | 6.4 MEDIUM |
| OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c. | |||||
| CVE-2020-20445 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service. | |||||
| CVE-2019-15945 | 3 Debian, Fedoraproject, Opensc Project | 3 Debian Linux, Fedora, Opensc | 2021-11-30 | 4.4 MEDIUM | 6.4 MEDIUM |
| OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c. | |||||
| CVE-2020-20453 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service | |||||
| CVE-2020-20446 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service. | |||||
| CVE-2018-16402 | 5 Canonical, Debian, Elfutils Project and 2 more | 7 Ubuntu Linux, Debian Linux, Elfutils and 4 more | 2021-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | |||||
| CVE-2017-14160 | 2 Debian, Xiph.org | 2 Debian Linux, Libvorbis | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file. | |||||
| CVE-2018-10392 | 3 Debian, Redhat, Xiph.org | 6 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 3 more | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-12605 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillColorRow8 function in utils.cpp when reading an image file by using cv::imread. | |||||
| CVE-2017-12604 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the FillUniColor function in utils.cpp when reading an image file by using cv::imread. | |||||
| CVE-2017-12601 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case. | |||||
| CVE-2017-12599 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread. | |||||
| CVE-2017-12603 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case. | |||||
| CVE-2017-12598 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case. | |||||
| CVE-2017-12606 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds write error in the function FillColorRow4 in utils.cpp when reading an image file by using cv::imread. | |||||
| CVE-2020-11082 | 2 Debian, Kaminari Project | 2 Debian Linux, Kaminari | 2021-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1. | |||||
| CVE-2017-12862 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | |||||
| CVE-2017-12863 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | |||||
| CVE-2017-12864 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | |||||
| CVE-2017-1000450 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2021-11-30 | 6.8 MEDIUM | 8.8 HIGH |
| In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. | |||||